I'm very happy with it since it's so much faster and easier to work with than my NSLU2 (which is 1/10th the CPU freq and 1/16th the RAM). There was one problem though, I couldn't load the NAT modules. After some investigation it turns out that the kernel doesn't have routing configured and it's missing a whole bunch of modules that Tonido (or sheeva, not clear about which exactly) decided they didn't need to provide.
Fortunately, I'm booting from a USB drive, and it's very easy to make a bootable drive. If I make a mistake and make the USB drive unbootable, I can just extract the rootfs and modules tarballs back onto the drive (before or after mkfs, according to taste) and it'll be bootable again. I would never try to modify the kernel (or even install modules) on the NAND since I don't want to risk bricking the plugcomputer. Although I did do a bunch of sudo apt-get [packages] on the NAND before I realized what I was doing and stopped :-).
Mikestaszel suggested building the module and copying it over, to get ppp working. Taking that hint, I downloaded the source for the kernel I was using and after some misadventures due to forgetting techniques from long ago, I finally got the modules I needed built and installed.
The tonido runs the 2.6.30-rc6 kernel so I downloaded 2.6.30.6 from kernel.org. I used the config file for this kernel from sheeva.with-linux.com. My first try at building the kernel didn't work because of bad magic. After some googling I realized/remembered that I needed to modify the kernel makefile so that EXTRAVERSION would match the one from the running kernel, so EXTRAVERSION=-rc6.
A second try at building the kernels got me closer but it still didn't work. The bad magic error was gone, but some symbols were missing.
I didn't particularly want to build the kernel itself since I'd hoped that just building and installing relevant modules would be sufficient. Unfortunately, NAT requires CONFIG_IP_ADVANCED_ROUTER, and that can't be built as a module. So there was no way around it, I'd have to build a kernel.
After the kernel was configured and built along with the modules I needed (make menuconfig;make;make modules), I needed to make a uImage (google pointed me at this generate uImage for sheevaplug page). That required:
sudo apt-get install uboot-mkimage
make uImage
cp arch/arm/boot/uImage /boot
make modules_install
rebootmodprobe iptable_nat finally succeeded and some testing proved that the plugcomputer was working correctly as a NAT router.
-- UPDATE --
When I installed and rebooted with the new kernel, I found myself unable to run processes as a regular user. The processed would be killed immediately. I can't see how it would have been a problem with how I built the kernel since all I did was allow advanced router features and NAT/MASQUERADE. But there it is. I don't mind running as root on the tonidoplug since everything I do there I'd need to run sudo anyway, but I've switched back to using the NSLU2 for now so I can play with the tonidoplug, building kernels, rebooting at will and possibly eventually getting this latest problem fixed :-).
-- UPDATE 2010-06-22 --
I'm wrong. I *do* mind running everything as root on the tonidoplug. I don't mind running openvpn or sshd as root, but I don't want to run squid or transmission-daemon as root since any successful remote attack instantly gets root privileges.
No comments:
Post a Comment